kll's blog

Just like my last post about Python and ISIS, this one is just to inform of another ISIS implementation in Python. This time around it's pyisis an ISIS implementetion written by Chris Hopps, who also happens to be a colleague of mine.

My employer arranged for a hack day last month. It meant anyone participating was free to hack on anything they wanted and at the end of the day we got to present our work during a 2 minute flash presentation to our colleagues as well as a number of students from KTH's (Royal institute of technology) computer science program.

The detection of DDoS attacks is typically based on some form of threshold value and typically on traffic that is going to a potential target, ie to the host that we want to protect from attacks.

It can be a threshold value for total traffic or for a certain traffic class, like UDP packets, and the actual threshold value can either be configured statically or it can be more dynamic and based on previously collected data, ie baselining and from that finding anomalous traffic patterns.

Just had to write this entry, in hopes it will pop up on Google searches for Python and ISIS. For those of you that want to speak the routing protocol IS-IS with open source tools written in Python, it can be rather tricky finding things through Google as I have found out the hard way. Thankfully though, I stumled upon PyRT a few years ago. It's short for Python Routeing Toolkit and aims to provide a small suite of tools and libraries helping in diagnosing routeing information from IS-IS, OSPF and BGP.

In IOS you can easily sanitize communities on received BGP prefixes with the help of a route-map and a community-list, but how do you do such a thing on IOS XR? The tools provided seem a lot more coarse...

Got my hands on a fully DWDM C-band tunable XFP today! Didn't take long before it was properly seated in a small MX80 I have in close vicinity. Soon later, disappointed and dismayed to see a peak pegged to 1550nm on my spectrum analyzer...